> [email protected] install /node_modules/iltorb
> node ./scripts/install.js || node-gyp rebuild

/node_modules/are-we-there-yet/tracker-stream.js:34
  .method('completed')
  ^

TypeError: Cannot read property 'method' of undefined
    at Object.<anonymous> (/node_modules/are-we-there-yet/tracker-stream.js:34:3)
    at Module._compile (internal/modules/cjs/loader.js:707:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:718:10)
    at Module.load (internal/modules/cjs/loader.js:605:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:544:12)
    at Function.Module._load (internal/modules/cjs/loader.js:536:3)
    at Module.require (internal/modules/cjs/loader.js:643:17)
    at require (internal/modules/cjs/helpers.js:22:18)
    at Object.<anonymous> (/node_modules/are-we-there-yet/tracker-group.js:5:21)
    at Module._compile (internal/modules/cjs/loader.js:707:30)

Node version: v11.4.0

please add a license file :)

Hi there

Just stumbled upon your library in our project node_modules directory, not sure which package is using it as a dependency. Used version is 1.1.4.

As a tiny tiny improvement, would you consider removing a couple of not needed (?) files from packaged contents?

Currently:

> dir /b
CHANGES.md
CHANGES.md~
index.js
LICENSE
package.json
README.md
tracker-base.js
tracker-group.js
tracker-stream.js
tracker.js

From a quick look, CHANGES.md~ might be dropped. Not sure about the different *.js files, I haven't checked, they might as well be imported one from the other.

what are your plans on dropping support for old environments? Maybe just target latest LTS?
(node 8+)

What / Why

There appears to be a 1.1.7 that has no differences from 1.1.6 other than the versions. This showed up when cutting a release, and it's confusing. What was the change and what were the commits?

Who

• @wraithgar

https://www.youtube.com/watch?v=i84UiuzlPwI

oh, wait. PR inc

Hi!
I have a question about this part of the documentation:

Shared Methods

• tracker.finish()

Marks the tracker as completed. With a TrackerGroup this marks all of its components as completed.

Marks all of the components of this tracker as finished, which in turn means that tracker.completed() for this will now be 1.

This will result in one or more change events being emitted.

It states that every tracker does implement .finish(). However in the code, TrackerStream extends stream.Transform and then delegates complete and addWork to its tracker attribute. I do not see any .finish() method defined anywhere. Am I missing something ?
I am currently writing a typings definition for this module and this causes me some issues.

Affected files:
are-we-there-yet/node_modules/readable-stream/lib/_stream_readable.js
813: while (state.flowing && stream.read() !== null) {}

Risks:
An attacker could provide a very high loop iteration count, causing the loop to go on for prolonged periods of time, potentially causing the application to stop responding. Additionally, if the operation inside the loop is tied to some exhaustible functionality, it may cause bloat elsewhere; For example - if file writes occur inside the loop, then an attacker can cause that file to bloat by simply engaging this file writing capability a very high amount of times.

The application relied on a user-provided value to determine the number of iterations performed by a loop, without enforcing a limited range for this value.

The tests fail under Node.js v0.8:

util.js:538
  ctor.prototype = Object.create(superCtor.prototype, {
                                          ^
TypeError: Cannot read property 'prototype' of undefined
    at Object.exports.inherits (util.js:538:43)
    at Object.<anonymous> (/home/travis/build/SonicHedgehog/are-we-there-yet/index.js:115:6)
    at Module._compile (module.js:449:26)
    at Object.Module._extensions..js (module.js:467:10)
    at Module.load (module.js:356:32)
    at Function.Module._load (module.js:312:12)
    at Module.require (module.js:362:17)
    at require (module.js:378:17)
    at Object.<anonymous> (/home/travis/build/SonicHedgehog/are-we-there-yet/test/tracker.js:3:15)
    at Module._compile (module.js:449:26)
not ok test/tracker.js .................................. 0/1
    Command: "/home/travis/.nvm/v0.8.28/bin/node tracker.js"
    TAP version 13
    not ok 1 test/tracker.js

The First time i installed the npm managed application it worked fine . but next time installed on the machine it shows following Error:
Installing packages...
util.js:160
throw new ('superCtor.prototype',
^
TypeError [ERR_INVALID_ARG_TYPE]: The "superCtor.prototype" property must be of type object. Received undefined
at Object.inherits (util.js:160:11)
at Object. (C:\Program Files\nodejs\node_modules\npm\node_modules\are-we-there-yet\node_modules\readable-stream\lib_stream_duplex.js:53:6)
at Module._compile (internal/modules/cjs/loader.js:1138:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1158:10)
at Module.load (internal/modules/cjs/loader.js:986:32)
at Function.Module._load (internal/modules/cjs/loader.js:879:14)
at Module.require (internal/modules/cjs/loader.js:1026:19)
at require (internal/modules/cjs/helpers.js:72:18)
at Object. (C:\Program Files\nodejs\node_modules\npm\node_modules\are-we-there-yet\node_modules\readable-stream\readable.js:16:20)
at Module._compile (internal/modules/cjs/loader.js:1138:30) {
code: 'ERR_INVALID_ARG_TYPE'
}

Following are the dependency installed:
"dependencies": {
"delegates": "^1.0.0",
"readable-stream": "^2.0.6"
},

Tried removing loader.js but issue still persists.
Please Suggest resolution

Hello!

I hope you are doing well!

We are a security research team. Our tool automatically detected a vulnerability in this repository. We want to disclose it responsibly. GitHub has a feature called Private vulnerability reporting, which enables security research to privately disclose a vulnerability. Unfortunately, it is not enabled for this repository.

Can you enable it, so that we can report it?

Thanks in advance!

PS: you can read about how to enable private vulnerability reporting here: https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository

The sentence "Ordinarily these are constructed as a part of a tracker group (via newItem) but they c" is not complete, some words seem to be missing here:

What / Why

v1.1.6 dropped support for Node.js < 10
All projects that directly or indirectly (e.g. through npmlog) have a dependency declared on some version of v1.1, e.g. "are-we-there-yet": "~1.1.2" will pick up the new version 1.1.6 and will thus break if they're using Node < 10.

Was this intended? My normal expectation of semantic versioning is that a breaking change like modifying supported Node versions would be a major version change i.e. 2.0.0, as per the semantic versioning guidelines https://semver.org/:

Given a version number MAJOR.MINOR.PATCH, increment the

• MAJOR version when you make incompatible API changes,
• MINOR version when you add functionality in a backwards compatible manner, and
• PATCH version when you make backwards compatible bug fixes.

As it stands, it seems there may be many projects (such as my own :) using Node < 10 that will suddenly be experiencing unexpected build failures due to the automatic version upgrade of a transitive dependency on are-we-there-yet.

Where

Any project with a transitive dependency on v1.1

Workaround

If using yarn or npm-force-resolutions, you can add a resolutions block to your package.json:

  "resolutions": {
    "are-we-there-yet": "<=1.1.5"
  },

However, this isn't a solution if you're a library creator with a transitive dependency to are-we-there-yet; resolutions are only processed on top-level package.json files.

npm shrinkwrap may also be an option (only if you're not using yarn).

This is causing breakage on 0.8:

$ npm install
util.js:538
  ctor.prototype = Object.create(superCtor.prototype, {
                                          ^
TypeError: Cannot read property 'prototype' of undefined
    at Object.exports.inherits (util.js:538:43)
    at Object.<anonymous> (/home/travis/.nvm/v0.8.28/lib/node_modules/npm/node_modules/npmlog/node_modules/are-we-there-yet/index.js:115:6)
    at Module._compile (module.js:449:26)
    at Object.Module._extensions..js (module.js:467:10)
    at Module.load (module.js:356:32)
    at Function.Module._load (module.js:312:12)
    at Module.require (module.js:362:17)
    at require (module.js:378:17)
    at Object.<anonymous> (/home/travis/.nvm/v0.8.28/lib/node_modules/npm/node_modules/npmlog/log.js:2:16)
    at Module._compile (module.js:449:26)